<?php
// +----------------------------------------------------------------------
// | ThinkPHP [ WE CAN DO IT JUST THINK IT ]
// +----------------------------------------------------------------------
// | Copyright (c) 2009 http://thinkphp.cn All rights reserved.
// +----------------------------------------------------------------------
// | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
// +----------------------------------------------------------------------
// | Author: liu21st <liu21st@gmail.com>
// +----------------------------------------------------------------------

class PublicAction extends Action {
	// 检查用户是否登录
	protected function checkUser() {
		if(!isset($_SESSION[C('USER_AUTH_KEY')])) {
			$this->assign('jumpUrl','Public/login');
			$this->error('没有登录');
		}
	}

        // 顶部页面
       // 顶部页面
    public function top() {
        $menu = $this->menuGen();
        $model = M("Group");
        if(isset($_SESSION['data_menu'.$_SESSION[C('USER_AUTH_KEY')]])) {
            $data_menu = $_SESSION['data_menu'.$_SESSION[C('USER_AUTH_KEY')]];  //分组-一级菜单存到session中
        } else {
            $g = array();
            foreach ($menu as $v) {
                if (0 != $v['group_id']) {
                    $g[] = $v['group_id'];
                }
            }
            $map['id'] = array('in', $g); //取有权限的分组名
            $map['status'] = 1;

            $list = $model->where($map)->order('sort')->getField('id,title');
            $data_menu = array();
            foreach ($list as $key => $value) {
                $data_menu[$key]['title'] = $value;
                foreach ($menu as $mk => $mv) {
                    if($mv['group_id'] == $key && $mv['is_menu'] == 1  ){ //是分组的节点，且必须是菜单
                        $data_menu[$key]['node_name'] = $mv['name']; //获取分组的第一个节点
                        break;
                    }
                        
                }
            }
            $_SESSION['data_menu'.$_SESSION[C('USER_AUTH_KEY')]] =   $data_menu; //存分组到session中
        }

        $this->assign('nodeGroupList', $data_menu);
        return $this->fetch('Public:header');
    }
	// 尾部页面
	public function footer() {
		$this->display();
	}

      //生成菜单，并返回
    protected function menuGen() {
        if(isset($_SESSION[C('USER_AUTH_KEY')])) {
            //显示菜单项
            $menu  = array();
            if(isset($_SESSION['menu'.$_SESSION[C('USER_AUTH_KEY')]])) {

                //如果已经缓存，直接读取缓存
                $menu   =   $_SESSION['menu'.$_SESSION[C('USER_AUTH_KEY')]];
            }else {
                //读取数据库模块列表生成菜单项
                $node    =   M("Node");
                $id =   $node->getField("id");
                $where['level']=2;
                $where['status']=1;
                $where['pid']=$id;
                //$where['is_menu']=1; //仅显示菜单的节点
                $list   =   $node->where($where)->field('id,name,group_id,title,is_menu')->order('sort asc')->select();
                $accessList = $_SESSION['_ACCESS_LIST'];


                foreach($list as $key=>$module) {
                     if(isset($accessList[strtoupper(APP_NAME)][strtoupper($module['name'])]['INDEX']) || $_SESSION['administrator']) {
                        //设置模块访问权限 列表有权限的才显示
                        $module['access'] =   1;
                        $menu[$key]  = $module;
                    }
                }
                //缓存二级菜单访问
                $_SESSION['menu'.$_SESSION[C('USER_AUTH_KEY')]] =   $menu;
            }
            return $menu;
        }
        return false;
    }

	// 菜单页面
	public function menu() {
        $this->checkUser();
        if(isset($_SESSION[C('USER_AUTH_KEY')])) {
            //显示菜单项
            $menu  = array();
            if(isset($_SESSION['menu'.$_SESSION[C('USER_AUTH_KEY')]])) {

                //如果已经缓存，直接读取缓存
                $menu   =   $_SESSION['menu'.$_SESSION[C('USER_AUTH_KEY')]];
            }else {
                //读取数据库模块列表生成菜单项
                $node    =   M("Node");
				$id	=	$node->getField("id");
				$where['level']=2;
				$where['status']=1;
				$where['pid']=$id;
                $list	=	$node->where($where)->field('id,name,group_id,title,is_menu')->order('sort asc')->select();
                $accessList = $_SESSION['_ACCESS_LIST'];
                foreach($list as $key=>$module) {
                     if(isset($accessList[strtoupper(APP_NAME)][strtoupper($module['name'])]['INDEX']) || $_SESSION['administrator']) {
                        //设置模块访问权限 仅列表 index才能生成菜单
                        $module['access'] =   1;
                        $menu[$key]  = $module;
                    }
                }
                //缓存菜单访问
                $_SESSION['menu'.$_SESSION[C('USER_AUTH_KEY')]]	=	$menu;
            }
			//dump($menu);
            $this->assign('menu',$menu);
		}
		//C('SHOW_RUN_TIME',false);			// 运行时间显示
		//C('SHOW_PAGE_TRACE',false);
		//$this->display();
	}

    //头部页面结合menu,top
    public function header(){
       $this->menu();
       $topnav = $this->top();
       $this->assign('header',$topnav);
    }

    //通过节点的名称获取对应的group_id
    public function getNodeGroupID($menu,$nodeName) {
       //$menu = $this->menu();
       $p_name = strtolower($nodeName);

       foreach ($menu as $value) {
        if(strtolower($value['name']) == $p_name )
        return ($value['group_id']);
       }
    }

    // 后台首页 查看系统信息
    public function main() {
        $this->display();
    }

	// 用户登录页面
	public function login() {
		if(!isset($_SESSION[C('USER_AUTH_KEY')])) {
			$this->display();
		}else{
			$this->redirect('/Index/index');
		}
	}

	public function index()
	{
		//如果通过认证跳转到首页
		redirect(__APP__);
	}

	// 用户登出
    public function logout()
    {
        if (isset($_SESSION[C('USER_AUTH_KEY')])) {
            $user = getModelName($_SESSION[C('USER_AUTH_KEY')], 'User');
            A('Action')->writeLog($user . '退出系统', '退出', 'Public');
            unset($_SESSION[C('USER_AUTH_KEY')]);
            unset($_SESSION);
            session_destroy();
            $this->assign("jumpUrl",__URL__.'/login/');
            $this->success('登出成功！');
        }else {
            $this->error('已经登出！');
        }
    }

	// 登录检测
   public function checkLogin() {
        if (empty($_POST['account'])) {
            $this->error('帐号错误！');
        } elseif (empty($_POST['password'])) {
            $this->error('密码必须！');
        } elseif (empty($_POST['verify'])) {
            $this->error('验证码必须！');
        }
        //生成认证条件
        $map            =   array();
		// 支持使用绑定帐号登录
		$map['account']	= $_POST['account'];
        $map["status"]	=	array('gt',0);
        if ($_SESSION['verify'] != md5($_POST['verify'])) {
            $this->error('验证码错误！');
        }
		import ( '@.ORG.RBAC' );
        $authInfo = RBAC::authenticate($map);
        //使用用户名、密码和状态的方式进行认证
        if (false === $authInfo) {
            $this->error('帐号不存在或已禁用！');
        } else {
            if ($authInfo['password'] != md5($_POST['password'])) {
                $this->error('密码错误！');
            }
            $_SESSION[C('USER_AUTH_KEY')]	=	$authInfo['id'];
            $_SESSION['email']	=	$authInfo['email'];
            $_SESSION['loginUserName']		=	$authInfo['name'];
            $_SESSION['lastLoginTime']		=	$authInfo['last_login_time'];
			$_SESSION['login_count']	=	$authInfo['login_count'];
            if($authInfo['account']=='admin') {
            	$_SESSION['administrator']		=	true;
            }
            //保存登录信息
			$User	=	M('User');
			$ip		=	get_client_ip();
			$time	=	time();
            $data = array();
			$data['id']	=	$authInfo['id'];
			$data['last_login_time']	=	$time;
			$data['login_count']	=	array('exp','login_count+1');
			$data['last_login_ip']	=	$ip;
			$User->save($data);

			// 缓存访问权限
            RBAC::saveAccessList();
             $user = $authInfo['name'];
                        A('Action')->writeLog($user.'登录系统','登录','Public');
			$this->success('登录成功！');

		}
	}
    // 更换密码
    public function changePwd()
    {
		$this->checkUser();
        //对表单提交处理进行处理或者增加非表单数据
		if(md5($_POST['verify'])	!= $_SESSION['verify']) {
			$this->error('验证码错误！');
		}
        if(empty($_POST['password'])|| $_POST['password'] != $_POST['repassword'])
            $this->error('新密码不能为空或两次密码必须一致！');
		$map	=	array();
        $map['password']= pwdHash($_POST['oldpassword']);
        if(isset($_POST['account'])) {
            $map['account']	 =	 $_POST['account'];
        }elseif(isset($_SESSION[C('USER_AUTH_KEY')])) {
            $map['id']		=	$_SESSION[C('USER_AUTH_KEY')];
        }
        //检查用户
        $User    =   M("User");
        if(!$User->where($map)->field('id')->find()) {
            $this->error('旧密码不符或者用户名错误！');
        }else {
			$User->password	=	pwdHash($_POST['password']);
			$User->save();
            $this->assign('jumpUrl','__APP__');
			$this->success('密码修改成功！');
         }
    }
public function profile() {
		$this->checkUser();
		$User	 =	 M("User");
		$vo	=	$User->getById($_SESSION[C('USER_AUTH_KEY')]);
		$this->assign('vo',$vo);
		$this->display();
	}
	 public function verify()
    {
		$type	 =	 isset($_GET['type'])?$_GET['type']:'gif';
        import("@.ORG.Image");
	//echo $type;
        Image::buildImageVerify(4,1,$type);
    }
// 修改资料
	public function change() {
		$this->checkUser();
		$User	 =	 D("User");
		if(!$User->create()) {
			$this->error($User->getError());
		}
		$result	=	$User->save();
		if(false !== $result) {
            $this->assign('jumpUrl','__APP__');
			$this->success('资料修改成功！');
		}else{
			$this->error('资料修改失败!');
		}
	}
}
?>
